Loading...
Please wait, while we are loading the content...
Attack Analysis Framework for Cyber-Attack and Defense Test Platform
| Content Provider | MDPI |
|---|---|
| Author | Qi, Yulu Jiang, Rong Jia, Yan Li, Aiping |
| Copyright Year | 2020 |
| Description | In 2012, Google first proposed the knowledge graph and applied it in the field of intelligent searching. Subsequently, knowledge graphs have been used for in-depth association analysis in different fields. In recent years, composite attacks have been discovered through association analysis in the field of cyber security. This paper proposes an attack analysis framework for cyber-attack and defense test platforms, which stores prior knowledge in a cyber security knowledge graph and attack rule base as data that can be understood by a computer, sets the time interval of analysis on the Spark framework, and then mines attack chains from massive data with spatiotemporal constraints, so as to achieve the balance between automated analysis and real-time accurate performance. The experimental results show that the analysis accuracy depends on the completeness of the cyber security knowledge graph and the precision of the detection results from security equipment. With the rational expectation about more exposure of attacks and faster upgrade of security equipment, it is necessary and meaningful to constantly improve the cyber security knowledge graph in the attack analysis framework. |
| Starting Page | 1413 |
| e-ISSN | 20799292 |
| DOI | 10.3390/electronics9091413 |
| Journal | Electronics |
| Issue Number | 9 |
| Volume Number | 9 |
| Language | English |
| Publisher | MDPI |
| Publisher Date | 2020-09-01 |
| Access Restriction | Open |
| Subject Keyword | Electronics Cybernetical Science Industrial Engineering Cyber Security Knowledge Graph Self-defined Rule Reasoning Threat Element Association Statistics Composite Attack Rule Base |
| Content Type | Text |
| Resource Type | Article |
